Automatic SQL injection and database takeover tool
Go to file
2012-11-10 11:01:29 +01:00
doc minor update 2012-10-29 10:10:33 +01:00
extra Minor refactoring and update of sqlharvest.py 2012-08-21 13:37:16 +02:00
lib Patch for an Issue #235 2012-11-10 11:01:29 +01:00
plugins Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery) 2012-10-28 00:36:09 +02:00
procs Bug fix for --os-shell on MySQL (it was not working for a long time because of this) 2012-10-29 15:45:30 +01:00
shell making PHP stager smaller by 100 chars 2012-06-21 10:46:45 +00:00
tamper Refactoring code in tamper/bluecoat.py 2012-11-05 13:09:53 +01:00
thirdparty Important refactoring for web-based functionality 2012-10-29 15:09:05 +01:00
txt Minor cleanup of standard wordlist (html entities, etc.) 2012-09-12 16:06:32 +02:00
udf cleanup to README files 2012-07-17 00:32:32 +01:00
xml Improvement and fix for pivotDumpTable mechanism 2012-10-28 23:09:35 +01:00
_sqlmap.py Minor update 2012-10-30 01:23:01 +01:00
.gitignore slightly updated gitignore 2012-07-11 16:54:53 +01:00
README.md Update README.md 2012-08-23 20:08:57 +03:00
sqlmap.conf Patch for an Issue #237 2012-11-08 19:16:37 +01:00
sqlmap.py Minor style update 2012-08-22 15:05:17 +02:00

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Links